<%@page import="java.sql.PreparedStatement"%>
<%@page import="cn.jussi.mydbutils.MyDBUtils"%>
<%@page import="java.sql.ResultSet"%>
<%@page import="java.sql.Statement"%>
<%@page import="java.sql.Connection"%>
<%@ page language="java" contentType="text/html; charset=utf-8"
    pageEncoding="utf-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Insert title here</title>
</head>
<body>

	<%
		String username = request.getParameter("username");
			String password = request.getParameter("password");
			String sql = "select * from users where username=? and password=?";
			//out.print(sql);
			
			Connection conn = null;
			PreparedStatement stat = null;
			ResultSet rs = null;
			
			try {
		conn = MyDBUtils.getConnection();
		stat = conn.prepareStatement(sql);
		//其索引从 1 开始
		stat.setString(1, username);
		stat.setString(2, password);
		rs = stat.executeQuery();
		if(rs.next()){
			out.println("登入成功！");
		}else{
			out.println("登入失败！");
		}
			} catch(Exception e) {
		out.println(e.getMessage());
		e.getStackTrace();
			} finally {
		MyDBUtils.close(conn, stat, rs);
			}
	%>

</body>
</html>